diff --git a/README.md b/README.md index 13b940e192..4bf11b6734 100644 --- a/README.md +++ b/README.md @@ -182,8 +182,8 @@ See [this](Release.md) for instructions on how to make a new release. * `MULLVAD_BACKTRACE_ON_FAULT` - When enabled, if the daemon encounters a fault (e.g. `SIGSEGV`), it will log a backtrace to stdout, and to `daemon.log`. By default, this is disabled in release-builds and enabled in debug-builds. Set variable to `1` or `0` to explicitly enable or - disable this feature. Logging the backtrace cause heap allocation. Allocation is not signal safe, - but here it runs in the signal handler. This in technically undefined behavior and therefore + disable this feature. Logging the backtrace causes heap allocation. Allocation is not signal safe, + but here it runs in the signal handler. This is technically undefined behavior and therefore disabled by default. This usually works, but enable at your own risk. ### Development builds only @@ -262,7 +262,7 @@ launchctl load -w /Library/LaunchDaemons/net.mullvad.daemon.plist ## Tray icon on Linux -The requirements for displaying a tray icon varies between different desktop environments. If the +The requirements for displaying a tray icon vary between different desktop environments. If the tray icon doesn't appear, try installing one of these packages: - `libappindicator3-1` - `libappindicator1` diff --git a/android/app/src/main/kotlin/net/mullvad/mullvadvpn/compose/dialog/NegativeConfirmationDialog.kt b/android/app/src/main/kotlin/net/mullvad/mullvadvpn/compose/dialog/NegativeConfirmationDialog.kt index dab6142c89..927d241038 100644 --- a/android/app/src/main/kotlin/net/mullvad/mullvadvpn/compose/dialog/NegativeConfirmationDialog.kt +++ b/android/app/src/main/kotlin/net/mullvad/mullvadvpn/compose/dialog/NegativeConfirmationDialog.kt @@ -45,7 +45,7 @@ private fun PreviewDeleteConfirmationDialogError() { AppTheme { NegativeConfirmationDialog( message = "Do you want to delete Cookie?", - errorMessage = "An error occured", + errorMessage = "An error occurred", onConfirm = {}, onBack = {}, ) diff --git a/android/lib/model/src/main/kotlin/net/mullvad/mullvadvpn/lib/model/Cipher.kt b/android/lib/model/src/main/kotlin/net/mullvad/mullvadvpn/lib/model/Cipher.kt index 4571c824dd..ce4ecb132e 100644 --- a/android/lib/model/src/main/kotlin/net/mullvad/mullvadvpn/lib/model/Cipher.kt +++ b/android/lib/model/src/main/kotlin/net/mullvad/mullvadvpn/lib/model/Cipher.kt @@ -1,6 +1,6 @@ package net.mullvad.mullvadvpn.lib.model -// All suppported shadowsocks ciphers +// All supported shadowsocks ciphers enum class Cipher(val label: String) { AES_128_CFB("aes-128-cfb"), AES_128_CFB1("aes-128-cfb1"), diff --git a/audits/2025-03-20-assured-installer-downloader.md b/audits/2025-03-20-assured-installer-downloader.md index 1d3781c6a0..c7f15543c1 100644 --- a/audits/2025-03-20-assured-installer-downloader.md +++ b/audits/2025-03-20-assured-installer-downloader.md @@ -35,7 +35,7 @@ to them. The script we use to automate part of the desktop app release process (`4-make-release`) uses `gpg --verify` to ensure that the installers it has fetched from Mullvad's internal release servers are not tampered with. -Both the installer and the accompanying signature comes from the same server. +Both the installer and the accompanying signature come from the same server. The audit report claims that `gpg --verify` will succeed as long as the signature matches the data, no matter which key produced the signature. This claim is not fully accurate according @@ -54,7 +54,7 @@ identified two potential risks here: The manpage for `gpg` explicitly states that only using the exit code, like we do, for signature validation is not appropriate. So Assured is correct in pointing out this behavior as risky. -Both Assured and the manpage for `gpg` recommends `gpgv` as an alternative for usage in scripts. +Both Assured and the manpage for `gpg` recommend `gpgv` as an alternative for usage in scripts. However, even `gpgv` is a bit unclear about how it handles key servers and bundled pubkeys. So instead we decided use [Sequoia] to verify the signatures, as it allows explicitly specifying what PGP pubkey to trust. It also does not require us to initialize any keyring, so it is simpler @@ -83,7 +83,7 @@ The recommendation here is to deserialize `canon_json` and return that as the tr A sidenote here is that the code was initially implemented according to the recommendation. The code was changed to return `partial_data.signed` just before the audit. This change was -a result of a pre-audit meeting between Mullvad and Assured where we probably missunderstood +a result of a pre-audit meeting between Mullvad and Assured where we probably misunderstood some of their early feedback on the metadata verification best practices. We [changed the implementation back] to only use the verified data, as recommended. @@ -97,7 +97,7 @@ We [changed the implementation back] to only use the verified data, as recommend The macOS version of the installer downloader runs as the user who launched it. The program will save the downloaded installer to a temporary directory writable by the user. The installer downloader will then verify the checksum of the file and launch it if it matches. This leaves -a possible Time-of-Check, Time-of-Use (TOCTOU) attack vector. Any program running as the the same +a possible Time-of-Check, Time-of-Use (TOCTOU) attack vector. Any program running as the same user can replace the installer downloader between the time it was verified and it was launched. Causing the installer downloader to launch a potentially malicious installer. diff --git a/audits/README.md b/audits/README.md index d4bc09a9f1..1fff379a68 100644 --- a/audits/README.md +++ b/audits/README.md @@ -14,7 +14,7 @@ performed on this app so far: ## Additional audits and certifications -Apart from the biannual audits mentioned above, we've also conducted the the following: +Apart from the biannual audits mentioned above, we've also conducted the following: * [2025-02-24 - NCC Group Mobile Application Security Assessment (MASA) of the Android app](./2025-02-24-nccgroup-android-masa.md) * [2025-03-20 - Audit of the installer downloader by Assured](./2025-03-20-assured-installer-downloader.md) \ No newline at end of file diff --git a/desktop/packages/mullvad-vpn/src/renderer/components/DaitaSettings.tsx b/desktop/packages/mullvad-vpn/src/renderer/components/DaitaSettings.tsx index 4a622527ae..ee95d35a49 100644 --- a/desktop/packages/mullvad-vpn/src/renderer/components/DaitaSettings.tsx +++ b/desktop/packages/mullvad-vpn/src/renderer/components/DaitaSettings.tsx @@ -275,7 +275,7 @@ function featureUnavailableMessage() { return sprintf( messages.pgettext( - // TRANSLATORS: Informs the user that the the feature is only available when WireGuard + // TRANSLATORS: Informs the user that the feature is only available when WireGuard // TRANSLATORS: is selected. // TRANSLATORS: Available placeholders: // TRANSLATORS: %(wireguard)s - will be replaced with WireGuard diff --git a/desktop/packages/mullvad-vpn/src/renderer/components/MultihopSettings.tsx b/desktop/packages/mullvad-vpn/src/renderer/components/MultihopSettings.tsx index 87ce98f6c8..75379f579f 100644 --- a/desktop/packages/mullvad-vpn/src/renderer/components/MultihopSettings.tsx +++ b/desktop/packages/mullvad-vpn/src/renderer/components/MultihopSettings.tsx @@ -111,7 +111,7 @@ function featureUnavailableMessage() { return sprintf( messages.pgettext( - // TRANSLATORS: Informs the user that the the feature is only available when WireGuard + // TRANSLATORS: Informs the user that the feature is only available when WireGuard // TRANSLATORS: is selected. // TRANSLATORS: Available placeholders: // TRANSLATORS: %(wireguard)s - will be replaced with WireGuard diff --git a/desktop/packages/mullvad-vpn/src/renderer/components/cell/Input.tsx b/desktop/packages/mullvad-vpn/src/renderer/components/cell/Input.tsx index 9b5ae3ea61..e7f129ca73 100644 --- a/desktop/packages/mullvad-vpn/src/renderer/components/cell/Input.tsx +++ b/desktop/packages/mullvad-vpn/src/renderer/components/cell/Input.tsx @@ -143,7 +143,7 @@ function InputWithRef(props: IInputProps, forwardedRef: React.Ref { handleInitialValueChange(props.initialValue); diff --git a/docs/architecture.md b/docs/architecture.md index 78305a8c6a..93c6380089 100644 --- a/docs/architecture.md +++ b/docs/architecture.md @@ -130,7 +130,7 @@ A high-level overview of the tunnel state machine can be seen in the diagram bel #### State machine inputs -There are two types of inputs that the tunnel state machine react to. The first one is commands sent +There are two types of inputs that the tunnel state machine reacts to. The first one is commands sent to the state machine, and the second is external events that the state machine listens to. Reacting to any event can result in the state machine transitioning away to a different state. @@ -246,7 +246,7 @@ on Linux. #### macOS -On macOS, the offline monitor uses `route -n monitor -` to listen for changes in the routing table, +On macOS, the offline monitor uses `route -n monitor -` to listen for changes in the routing table, reasserting that a default route exists any time a change is detected. It's only assumed that the host is offline if a default route doesn't exist. @@ -261,7 +261,7 @@ needed for routing tunnel traffic. #### Android To detect connectivity on Android, the app relies on [`ConnectivityManager`] by listening for -changes to the availability of non-VPN networks that provide internet connectivity. Connectivity +changes to the availability of non-VPN networks that provide internet connectivity. Connectivity is inferred if such a network exists. #### iOS diff --git a/docs/known-issues.md b/docs/known-issues.md index a71cee0b49..fbbd7af940 100644 --- a/docs/known-issues.md +++ b/docs/known-issues.md @@ -11,7 +11,7 @@ decided to not address for some reason. Some example reasons why issues might en provide a mitigation for * The only known fixes for the issue comes with other drawbacks, that we consider as bad, or worse than the original issue -* We are not able to reliably reproduce the issue. Enough anecdotal evidence exist to indicate +* We are not able to reliably reproduce the issue. Enough anecdotal evidence exists to indicate the issue is real, but Mullvad is unable to reproduce it. As a result, it is really hard to fix. This document should only contain issues related to security and privacy. This document is a diff --git a/ios/MullvadREST/Transport/Socks5/Socks5Handshake.swift b/ios/MullvadREST/Transport/Socks5/Socks5Handshake.swift index 23fadc64fd..34c10e7153 100644 --- a/ios/MullvadREST/Transport/Socks5/Socks5Handshake.swift +++ b/ios/MullvadREST/Transport/Socks5/Socks5Handshake.swift @@ -26,7 +26,7 @@ struct Socks5Handshake { // Append socks version data.append(Socks5Constants.socksVersion) - // Append number of suppported authentication methods supported. + // Append number of supported authentication methods supported. data.append(UInt8(methods.count)) // Append authentication methods diff --git a/ios/MullvadRESTTests/MullvadApiTests.swift b/ios/MullvadRESTTests/MullvadApiTests.swift index 64c0eb371b..77d323adbc 100644 --- a/ios/MullvadRESTTests/MullvadApiTests.swift +++ b/ios/MullvadRESTTests/MullvadApiTests.swift @@ -154,7 +154,7 @@ class MullvadApiTests: XCTestCase { UInt(expectedResponseCode), """ {"code": "\(expectedErrorCode)", - "error": "A magical error occured" + "error": "A magical error occurred" } """ ) diff --git a/ios/MullvadSettings/MigrationManager.swift b/ios/MullvadSettings/MigrationManager.swift index a29d623ddb..f1d4c3013b 100644 --- a/ios/MullvadSettings/MigrationManager.swift +++ b/ios/MullvadSettings/MigrationManager.swift @@ -35,7 +35,7 @@ public struct MigrationManager { /// and writes back to `store` when settings are updated. /// /// In order to avoid migration happening from both the VPN and the host processes at the same time, - /// a non existant file path is used as a lock to synchronize access between the processes. + /// a non existent file path is used as a lock to synchronize access between the processes. /// This file is accessed by `NSFileCoordinator` in order to prevent multiple processes accessing at the same time. /// - Parameters: /// - store: The store to from which settings are read and written to. diff --git a/ios/MullvadVPN/StorePaymentManager/StorePaymentManager.swift b/ios/MullvadVPN/StorePaymentManager/StorePaymentManager.swift index 5c4dfd8836..c7fff5b197 100644 --- a/ios/MullvadVPN/StorePaymentManager/StorePaymentManager.swift +++ b/ios/MullvadVPN/StorePaymentManager/StorePaymentManager.swift @@ -133,7 +133,7 @@ final class StorePaymentManager: NSObject, SKPaymentTransactionObserver, @unchec /// Validates the user account with backend before adding the payment to the queue. /// /// - Parameters: - /// - payment: an intance of `SKPayment`. + /// - payment: an instance of `SKPayment`. /// - accountNumber: the account number to credit. func addPayment(_ payment: SKPayment, for accountNumber: String) { logger.debug("Validating account before the purchase.") diff --git a/ios/MullvadVPN/View controllers/SelectLocation/LocationCellViewModel.swift b/ios/MullvadVPN/View controllers/SelectLocation/LocationCellViewModel.swift index 9b85f41647..24fb46c950 100644 --- a/ios/MullvadVPN/View controllers/SelectLocation/LocationCellViewModel.swift +++ b/ios/MullvadVPN/View controllers/SelectLocation/LocationCellViewModel.swift @@ -68,12 +68,12 @@ extension LocationCellViewModel { We check this by doing the following, in order: 1. Count hostnames in the tree. More than one means that there are other locations than - the excluded one for the relay selector to choose from. No exlusion. + the excluded one for the relay selector to choose from. No exclusion. 2. Count hostnames in the excluded node. More than one means that there are multiple locations for the relay selector to choose from. No exclusion. - 3. Check existance of a location in the tree that matches the currently excluded location. + 3. Check existence of a location in the tree that matches the currently excluded location. No match means no exclusion. */ func shouldExcludeLocation(_ excludedLocation: LocationCellViewModel?) -> Bool { @@ -87,7 +87,7 @@ extension LocationCellViewModel { if case .hostname = location { true } else { false } }.count - // If the there's more than one selectable relay in the current node we don't need + // If there's more than one selectable relay in the current node we don't need // to show this in the location tree and can return early. guard hostCount == 1 else { return false } @@ -97,7 +97,7 @@ extension LocationCellViewModel { if case .hostname = location { true } else { false } }.count - // If the there's more than one selectable relay in the excluded node we don't need + // If there's more than one selectable relay in the excluded node we don't need // to show this in the location tree and can return early. guard excludedHostCount == 1 else { return false } diff --git a/ios/PacketTunnel/DeviceCheck/DeviceCheckOperation.swift b/ios/PacketTunnel/DeviceCheck/DeviceCheckOperation.swift index ab88b22167..6ec7dbe29b 100644 --- a/ios/PacketTunnel/DeviceCheck/DeviceCheckOperation.swift +++ b/ios/PacketTunnel/DeviceCheck/DeviceCheckOperation.swift @@ -20,7 +20,7 @@ import WireGuardKitTypes tunnel process. Packet tunnel runs this operation immediately as it starts, with `rotateImmediatelyOnKeyMismatch` flag set to - `true` which forces key rotation to happpen immediately given that the key stored on server does not match the key + `true` which forces key rotation to happen immediately given that the key stored on server does not match the key stored on device. Unless the last rotation attempt took place less than 15 seconds ago in which case the key rotation is not performed. diff --git a/ios/PacketTunnelCoreTests/Mocks/KeyExchangingResultStub.swift b/ios/PacketTunnelCoreTests/Mocks/KeyExchangingResultStub.swift index 4bc320bad7..77c15edf47 100644 --- a/ios/PacketTunnelCoreTests/Mocks/KeyExchangingResultStub.swift +++ b/ios/PacketTunnelCoreTests/Mocks/KeyExchangingResultStub.swift @@ -25,9 +25,9 @@ struct KeyExchangingResultStub: EphemeralPeerReceiving { public func receiveEphemeralPeerPrivateKey( _ ephemeralPeerPrivateKey: PrivateKey, - daitaParameters daitaParamters: MullvadTypes.DaitaV2Parameters? + daitaParameters daitaParameters: MullvadTypes.DaitaV2Parameters? ) async { - await onReceiveEphemeralPeerPrivateKey?(ephemeralPeerPrivateKey, daitaParamters) + await onReceiveEphemeralPeerPrivateKey?(ephemeralPeerPrivateKey, daitaParameters) } func ephemeralPeerExchangeFailed() { diff --git a/mullvad-cli/src/main.rs b/mullvad-cli/src/main.rs index c77e894d8e..8761570587 100644 --- a/mullvad-cli/src/main.rs +++ b/mullvad-cli/src/main.rs @@ -75,7 +75,7 @@ enum Cli { Relay(relay::Relay), /// Manage Mullvad API access methods. /// - /// Access methods are used to connect to the the Mullvad API via one of + /// Access methods are used to connect to the Mullvad API via one of /// Mullvad's bridge servers or a custom proxy (SOCKS5 & Shadowsocks) when /// and where establishing a direct connection does not work. /// diff --git a/mullvad-daemon/src/access_method.rs b/mullvad-daemon/src/access_method.rs index cfc9241452..f49fad3fd9 100644 --- a/mullvad-daemon/src/access_method.rs +++ b/mullvad-daemon/src/access_method.rs @@ -13,9 +13,9 @@ pub enum Error { /// Can not find access method #[error("Cannot find custom access method {0}")] NoSuchMethod(access_method::Id), - /// Some error occured in the daemon's state of handling + /// Some error occurred in the daemon's state of handling /// [`AccessMethodSetting`]s & [`ApiConnectionMode`]s - #[error("Error occured when handling connection settings & details")] + #[error("Error occurred when handling connection settings & details")] ApiService(#[from] access_mode::Error), /// A REST request failed #[error("Reset request failed")] diff --git a/scripts/find-stale-remote-branches.sh b/scripts/find-stale-remote-branches.sh index 816db2f77c..63d80189b4 100755 --- a/scripts/find-stale-remote-branches.sh +++ b/scripts/find-stale-remote-branches.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # -# Find and print all remote branches not commited to in over two months. -# Prints grouped by commiter email. Used to detect stale branches that +# Find and print all remote branches not committed to in over two months. +# Prints grouped by committer email. Used to detect stale branches that # could potentially be removed. TWO_MONTHS=$((60 * 60 * 24 * 60)) diff --git a/talpid-routing/src/lib.rs b/talpid-routing/src/lib.rs index 89effbdd46..233e60fe17 100644 --- a/talpid-routing/src/lib.rs +++ b/talpid-routing/src/lib.rs @@ -31,7 +31,7 @@ pub use imp::{ pub use imp::{Error, RouteManagerHandle}; -/// Link-layer/MAC adress +/// Link-layer/MAC address #[cfg(target_os = "macos")] #[derive(Debug, Eq, PartialEq, Clone, Copy)] pub struct MacAddress(pub [u8; 6]); diff --git a/talpid-routing/src/unix/macos/default_routes.rs b/talpid-routing/src/unix/macos/default_routes.rs index 9338049720..a672992ffa 100644 --- a/talpid-routing/src/unix/macos/default_routes.rs +++ b/talpid-routing/src/unix/macos/default_routes.rs @@ -92,7 +92,7 @@ impl DefaultRouteMonitor { } fn handle_events(&mut self, events: Vec) { - // Split events by address family and handle them seperately. + // Split events by address family and handle them separately. let mut ipv4_events = vec![]; let mut ipv6_events = vec![]; for event in events { diff --git a/talpid-wireguard/src/wireguard_kernel/mod.rs b/talpid-wireguard/src/wireguard_kernel/mod.rs index db00557ffa..3e6fb4f9bb 100644 --- a/talpid-wireguard/src/wireguard_kernel/mod.rs +++ b/talpid-wireguard/src/wireguard_kernel/mod.rs @@ -48,7 +48,7 @@ pub enum Error { WireguardNetlinkInterfaceUnavailable, #[error("Unknown WireGuard command: {0}")] - UnnkownWireguardCommmand(u8), + UnknownWireguardCommand(u8), #[error("Received no response")] NoResponse, diff --git a/talpid-wireguard/src/wireguard_kernel/wg_message.rs b/talpid-wireguard/src/wireguard_kernel/wg_message.rs index 6d97547e00..e7f81fdc1f 100644 --- a/talpid-wireguard/src/wireguard_kernel/wg_message.rs +++ b/talpid-wireguard/src/wireguard_kernel/wg_message.rs @@ -140,7 +140,7 @@ impl DeviceMessage { if cmd == WG_CMD_GET_DEVICE || cmd == WG_CMD_SET_DEVICE { Ok(cmd) } else { - Err(Error::UnnkownWireguardCommmand(cmd)) + Err(Error::UnknownWireguardCommand(cmd)) } } } diff --git a/test/test-manager/src/tests/config.rs b/test/test-manager/src/tests/config.rs index b7b7b9f207..5e88d8a183 100644 --- a/test/test-manager/src/tests/config.rs +++ b/test/test-manager/src/tests/config.rs @@ -36,7 +36,7 @@ pub struct TestConfig { pub host_bridge_name: String, pub host_bridge_ip: Ipv4Addr, pub os: Os, - /// The OpenVPN CA certificate to use with the the installed Mullvad App. + /// The OpenVPN CA certificate to use with the installed Mullvad App. pub openvpn_certificate: OpenVPNCertificate, } diff --git a/test/test-manager/src/tests/install.rs b/test/test-manager/src/tests/install.rs index b2620842c3..0639694986 100644 --- a/test/test-manager/src/tests/install.rs +++ b/test/test-manager/src/tests/install.rs @@ -354,7 +354,7 @@ pub async fn test_installation_idempotency( tokio::time::sleep(delay).await; } } - // Make sure that no network leak occured during any installation process. + // Make sure that no network leak occurred during any installation process. let guest_ip = pinger.guest_ip; let monitor_result = pinger.stop().await.unwrap(); assert_eq!( diff --git a/test/test-manager/src/tests/mod.rs b/test/test-manager/src/tests/mod.rs index 66635a10c1..6d39c94e51 100644 --- a/test/test-manager/src/tests/mod.rs +++ b/test/test-manager/src/tests/mod.rs @@ -60,7 +60,7 @@ pub enum Error { #[error("The daemon returned an error: {0}")] Daemon(String), - #[error("The daemon ended up in the the wrong tunnel-state: {0:?}")] + #[error("The daemon ended up in the wrong tunnel-state: {0:?}")] UnexpectedTunnelState(Box), #[error("The daemon ended up in the error state: {0:?}")] diff --git a/test/test-runner/src/sys.rs b/test/test-runner/src/sys.rs index 56edcc75d3..5f461f9013 100644 --- a/test/test-runner/src/sys.rs +++ b/test/test-runner/src/sys.rs @@ -410,7 +410,7 @@ impl EnvVar { let pre = input.next().ok_or(error)?; match pre { "Environment" => { - // Proccess the input just a bit more - remove the leading and trailing quote ("). + // Process the input just a bit more - remove the leading and trailing quote ("). let var = input .next() .ok_or(error)? diff --git a/wireguard-go-rs/src/lib.rs b/wireguard-go-rs/src/lib.rs index 6ac5c928f3..8ffbecc747 100644 --- a/wireguard-go-rs/src/lib.rs +++ b/wireguard-go-rs/src/lib.rs @@ -77,7 +77,7 @@ impl Tunnel { /// for the tunnel device and logging. For targets other than android, this also takes an MTU /// value. /// - /// The `logging_callback` let's you provide a Rust function that receives any logging output + /// The `logging_callback` lets you provide a Rust function that receives any logging output /// from wireguard-go. `logging_context` is a value that will be passed to each invocation of /// `logging_callback`. #[cfg(not(target_os = "windows"))] @@ -88,7 +88,7 @@ impl Tunnel { logging_callback: Option, logging_context: LoggingContext, ) -> Result { - // SAFETY: pointer is valid for the the lifetime of this function + // SAFETY: pointer is valid for the lifetime of this function let code = unsafe { ffi::wgTurnOn( #[cfg(not(target_os = "android"))] @@ -122,7 +122,7 @@ impl Tunnel { let mut assigned_name = [0u8; 128]; let mut luid = MaybeUninit::uninit(); - // SAFETY: pointers are valid for the the lifetime of this function + // SAFETY: pointers are valid for the lifetime of this function let code = unsafe { ffi::wgTurnOn( interface_name.as_ptr(), @@ -144,7 +144,7 @@ impl Tunnel { Ok(Tunnel { handle: code, assigned_name: assigned_name.to_owned(), - // SAFETY: wgTurnOn succeeded and the LUID is guaranteed to be intialized by wgTurnOn + // SAFETY: wgTurnOn succeeded and the LUID is guaranteed to be initialized by wgTurnOn luid: unsafe { luid.assume_init() }, }) } @@ -173,7 +173,7 @@ impl Tunnel { /// Special function for android multihop since that behavior is different from desktop /// and android non-multihop. /// - /// The `logging_callback` let's you provide a Rust function that receives any logging output + /// The `logging_callback` lets you provide a Rust function that receives any logging output /// from wireguard-go. `logging_context` is a value that will be passed to each invocation of /// `logging_callback`. #[cfg(target_os = "android")] @@ -185,7 +185,7 @@ impl Tunnel { logging_callback: Option, logging_context: LoggingContext, ) -> Result { - // SAFETY: pointer is valid for the the lifetime of this function + // SAFETY: pointer is valid for the lifetime of this function let code = unsafe { ffi::wgTurnOnMultihop( exit_settings.as_ptr(),